"Because Android is so popular, it's likely that Google has
plaintext Wi-Fi passwords for the majority of password-protected
Wi-Fi networks in the world," Lee wrote.

As an Android device owner adds Wi-Fi network passwords over the
course of using the device, every new password is saved on the
device. But because Android devices aren't equipped to encrypt
passwords, the devices must be saving and transmitting those
passwords in plaintext.

"If the attacker wants to do more active attacks, they can
connect to your Wi-Fi network and mount a
man-in-the-middle attack to eavesdrop on and modify any
unencrypted Internet traffic," Lee added. "If you download a
file, they can serve you a malicious version instead."

In a statement to tech blog Ars Technica, Google said that
Android backup data was "encrypted in transit, accessible only
when the user has an authenticated connection to Google and
stored at Google data centers, which have strong protections
against digital and physical attacks."

The Google representative did not specify whether the data was
encrypted on Google's servers, but added that disabling backup on
an Android device would cause all backups to be erased.

Lee noted that since Google at least partly cooperates with NSA
data-mining operations, it's possible that the spy agency could
get hold of Wi-Fi passwords.

The Android backup feature is turned on by default on stock
Android devices, which include the Nexus line of smartphones and
tablets. It can be switched on or off under Backup & Reset in
the stock Android Settings menu.

(Manufacturers that tweak their Android builds, such as Samsung
or HTC, have their own policies.)

Backup is part of the main Android application program interface,
or API, meaning it can be accessed by other apps in order to
transmit data to the cloud in case the device were to become
compromised.